[Servercert-wg] [EXTERNAL] Clarification about EVG 9.2.4

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Mon Dec 2 10:26:01 MST 2019 


On 2019-12-02 7:12 μ.μ., Bruce Morton wrote:
>
> Hi Dimitris,
>
> My interpretation is the following:
>
>  1. If the organization is registered at the country level, then the
>     certificate must include the /subject:jurisdictionCountryName.///
>  2. /If /the organization is /registered as the state/province level,
>     /then the certificate must include the
>     /subject:jurisdictionStateOrProvinceName/ and the
>     /subject:jurisdictionCountryName.///
>  3. /If /the organization is /registered at the locality level, /then
>     the certificate must include the
>     /subject:jurisdictionLocalityName/ and the
>     /subject:jurisdictionCountryName;//and must include the
>     //subject:jurisdictionStateOrProvinceName, //only if the locality
>     is in a state/province./
>

Hi Bruce, thanks for your reply.

The first two are quite clear.

The following:
"/and must include the //subject:jurisdictionStateOrProvinceName, //only 
if the locality is in a state/province"/

is not so clear to me. Perhaps you could elaborate with a couple of 
theoretical examples? I seems that the StateOrProvince is mixed with 
Locality in your description but I might have misunderstood.


Dimitris.


>  1. //
>
> //
>
> /Bruce./
>
> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf 
> Of *Dimitris Zacharopoulos (HARICA) via Servercert-wg
> *Sent:* Monday, December 2, 2019 12:02 PM
> *To:* CA/B Forum Server Certificate WG Public Discussion List 
> <servercert-wg at cabforum.org>
> *Subject:* [EXTERNAL][Servercert-wg] Clarification about EVG 9.2.4
>
> *WARNING:* This email originated outside of Entrust Datacard.
> *DO NOT CLICK* links or attachments unless you trust the sender and 
> know the content is safe.
>
> ------------------------------------------------------------------------
>
>
> Dear members,
>
> I would like to ask for a clarification/interpretation about section 
> 9.2.4 of the EV Guidelines and please forgive me if this has been 
> discussed in the past.
>
>
>       9.2.4. Subject Jurisdiction of Incorporation or Registration Field
>
> "*Contents:* These fields MUST NOT contain information that is not 
> relevant to the level of the Incorporating Agency or Registration 
> Agency. For example, the Jurisdiction of Incorporation for an 
> Incorporating Agency or Jurisdiction of Registration for a 
> Registration Agency that operates at the country level MUST include 
> the country information but MUST NOT include the state or province or 
> locality information. Similarly, the jurisdiction for the applicable 
> Incorporating Agency or Registration Agency at the state or province 
> level MUST include both country and state or province information, but 
> MUST NOT include locality information. And, the jurisdiction for the 
> applicable Incorporating Agency or Registration Agency at the locality 
> level MUST include the country and state or province information, 
> where the state or province regulates the registration of the entities 
> at the locality level, as well as the locality information. Country 
> information MUST be specified using the applicable ISO country code. 
> State or province or locality information (where applicable) for the 
> Subject's Jurisdiction of Incorporation or Registration MUST be 
> specified using the full name of the applicable jurisdiction."
>
> Is it allowed to include a /subject:jurisdictionLocalityName/ without 
> providing a /subject:jurisdictionStateOrProvinceName/?
>
> The requirement says "And, the jurisdiction for the applicable 
> Incorporating Agency or Registration Agency at the locality level MUST 
> include the country and state or province information, where the state 
> or province regulates the registration of the entities at the locality 
> level, as well as the locality information."
>
> In one interpretation, if there is no "state or province" that 
> regulates the registration of entities but this registration is done 
> at the locality level, then the 
> /subject:jurisdictionStateOrProvinceName/ can be omitted and only the 
> /subject:jurisdictionLocalityName/ is included along with the 
> /subject:jurisdictionCountryName/. Is this an accurate and valid 
> interpretation?
>
>
> Thank you,
> Dimitris.
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191202/929a5a3b/attachment-0001.html>

More information about the Servercert-wg mailing list